I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
Exch-2-336
<GroupDescription></GroupDescription>Group -
SMTP Sender Filter must be enabled.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning redu...Rule Medium Severity -
Exch-2-339
<GroupDescription></GroupDescription>Group -
SMTP IP Allow List Connection Filter must be enabled.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning redu...Rule Medium Severity -
Exch-2-342
<GroupDescription></GroupDescription>Group -
SMTP IP Allow List entries must be empty.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning redu...Rule Medium Severity -
Exch-2-705
<GroupDescription></GroupDescription>Group -
Message size restrictions must be controlled on Receive connectors.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. For message size re...Rule Low Severity -
Exch-2-708
<GroupDescription></GroupDescription>Group -
Internet Receive Connector connections count must be set to default.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. This configuration ...Rule Low Severity -
Exch-2-710
<GroupDescription></GroupDescription>Group -
Receive Connector timeout must be limited.
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning. This configuration controls the ...Rule Low Severity -
Exch-2-715
<GroupDescription></GroupDescription>Group -
Internal Receive Connectors must not allow anonymous connections.
<VulnDiscussion>This control is used to limit the servers that may use this server as a relay. If a Simple Mail Transport Protocol (SMTP) se...Rule Medium Severity -
Exch-2-718
<GroupDescription></GroupDescription>Group -
Internal Receive Connectors must require encryption.
<VulnDiscussion>The Simple Mail Transfer Protocol (SMTP) Receive Connector is used by Exchange to send and receive messages from server to se...Rule Medium Severity -
Exch-2-721
<GroupDescription></GroupDescription>Group -
External Receive Connectors must be Domain Secure Enabled.
<VulnDiscussion>The Simple Mail Transfer Protocol (SMTP) connector is used by Exchange to send and receive messages from server to server. Th...Rule Medium Severity -
Exch-2-724
<GroupDescription></GroupDescription>Group -
Internet facing receive connectors must offer TLS before using basic authentication.
<VulnDiscussion>Sending unencrypted email over the Internet increases the risk that messages can be intercepted or altered. Transport Layer S...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.